Standard content for Members only
To continue reading this article, please login to your Utility Week account, Start 14 day trial or Become a member.
If your organisation already has a corporate membership and you haven’t activated it simply follow the register link below. Check here.
Adrian Crawley, regional director for Northern EMEA, Radware, explains the new tranche of cyber warfare means business.
In the last few months we’ve witnessed some pretty sizeable black outs as power lines up and down the country were hit by storms. It’s an act of God that any country plans for. Perhaps not to the extent that we saw over Christmas, but nonetheless, there is a certain inevitability that the more remote parts of the UK will be without power at some point in the year.
And of course, if it’s not the weather driving the contingency planning then it’s oil. But could things really get as bad as they were in the 70s when three-day weeks were introduced to manage the impact of inflationary prices?
In short, yes they could. But I suspect it won’t be over oil prices as Ukrainians can testify. More likely it will be because of a cyber attack. It seems extreme to write it, but it’s not fiction. It is now a reality.
What happened in the Ukraine back in December and in the summer in 2014 were warnings to anyone involved in utilities. Cyber warfare is a real threat to business and lives, and a targeted attack can have dramatic consequences on infrastructure.
You might argue that it’s not going to happen here. That the alleged fallout of the frosty relations between Russia and Ukraine won’t dissipate further into Europe.
Unfortunately it’s not the case. While it might not be ‘state sponsored’ the reality is that attacks are happening and with some frequency. In the utility sector specifically, attacks from political hacktivists account for 37 per cent of the attacks. In fact if you look back just over the last five years, there is a definite trend emerging – if there’s heightened political unrest then attacks spike, and you can be thousands of miles away from the epicentre of instability and still be a target.
But that’s not the only threat utilities are coping with today. Attacks motivated by ransom are on the up and accounted for 30per cent of attacks on utilities last year. While traditionally ransom attacks have been associated to the financial industry we are now seeing a big swing in favour of organisations that are lynchpins in society. They are easy targets – the more you fear national infrastructure taking a hit the more likely you are to succumb.
Or so the hackers like to think. In truth, there is absolutely no need to pay a ransom to stop an attack. If you have the right defences in place most organisations would cope and withstand an attack, to the extent that the hackers would get bored. They only continue if it’s not money that is the motivator.
But that’s not to say you should be complacent either. Attacks like this a manageable if you are in a position to spot them, or you’ve been lucky enough to receive an email telling you that you are about to be attacked. These warning shots are helpful as you can gear up defences, but next to useless if they get stuck in spam filters as is so often the case in my experience. So while technology will be your friend, a diligent set of employees is your boon. Get them checking and reporting ransom emails and you stand a very good fighting chance.
Perhaps the most surprising stat is this one – 22 per cent of attacks on utilities are believed to have been unleashed by the competition. Yes that’s right, the competition. Proving that you really do need to be prepared for anything.
And anything really does mean anything today. While virus, malware and the more traditional denial of service attacks have been the norm, now we see a completely new intensive type of attack where not a single person need be involved safe for pushing the ‘start’ button.
That’s because there is a growing trend for advanced persistent denial of service attacks that use robots to attack company networks. In fact in the last year the number of attacks from ‘burst bots’ doubled. Burst bots are exactly as they sound, short intensive attacks run by robots. They can also be unrelenting and run for weeks or even months. It’s what we call the ‘internet of zombies’. A mindless form of machine combat.
For any business this poses challenges. Mainly how will you cope? The answer lies in changing the strategy for managing attacks to one that combines good bots with people skills. In fact, the companies that are most successful at allaying such attacks are those that have swapped people as their first line of defence for a virtual cyber army.
These ‘good bots’ are able to detect and respond far quicker than any human brain and once invoked can run without intervention. This leaves businesses with the skills available to make more strategic decisions about how the infrastructure needs to adapt to the changing landscape, whether that landscape is political or socio-economic.
Certainly from the conversations I have there is a growing appreciation that you can no longer consign intercity black outs to the past. Instead, it’s now a case of resurrecting the business continuity plans you once had to deal with black outs, and updating them to cope with the unknown. It really is time to build a strategy of resilience we thought was only for the fiction of Men in Black.
Adrian Crawley, regional director for Northern EMEA, Radware
Please login or Register to leave a comment.